This sounds an awful lot like an unapproved bof. The reason we don’t do
those is that they tend to make it hard for people to participate. Why
isn’t this in scope for dnsop?
On Mon, Jul 9, 2018 at 10:49 PM Patrick McManus <pmcmanus@mozilla.com>
wrote:
> Hi All,
>
> I am organizing an ad-hoc Side Meeting regarding 'Resolverless DNS' in
> Montreal.
>
> We have often talked about the benefits and concerns of DNS information
> obtained from sources that are, shall we say, less globally trusted than a
> recursive a resolver. The central use case is DoH when pushed from an
> endpoint that isn't a recursive resolver but there have been other
> proposals.
>
> For example www.example.com pushes you a AAAA record for img1.example.com.
> Should you use it? What if it is for img1.img-example.com ? Do the
> relationship between these domains matter? What kind of relationship (i.e.
> it could be a domain relationship, or in the context of a browser it might
> be a first-party tab like relationship, etc..)? What are the implications
> of poison? Trackers? Privacy of requests never made? Speed? Competitive
> shenanigans or DoS attacks?
>
> This was out of scope for DoH.
>
> *We'll do the meeting over 1 hour in the Dorchester room from 16:30 to
> 17:30 on Monday July 16th.*
>
> This is a meeting of interested folks looking to see if we can agree on
> next steps - we're not going to work out the details (nor should a side
> meeting try and do so). so we'll have a tight agenda that I suggest
> organizaing as follows:
>
> 1] What forms of transport could be in scope? HTTP/2 push is one such
> vector, but I've heard others. Spray paint for example.
>
> 2] What needs to be considered when using such data? (signatures? scope?
> etc?)
>
> 3] Who are the stakeholders for 1 + 2?
>
> 4] Is there enough interest to explore further? Next steps as output
>
> I hope you can come!
>
> -Patrick
>
> _______________________________________________
> DRIU mailing list
> DRIU@ietf.org
> https://www.ietf.org/mailman/listinfo/driu
>